Review by Lou Vega of the Greater Charleston .NET User Group
This book provides immediate and useful information whether you have previous experience with Honeypots or hadn’t even heard of one until you picked up the book. I would recommend this book to anyone who has ever been interested in network and systems security as it pertains to a Microsoft Windows environment, especially in light of the fact that most previous books and articles with information about Honeypots were geared toward *nix systems.
Those who have no previous experience with Honeypots and would like a background lesson can jump right into Chapters 1 and 2 which should give them a fair basic understanding of what’s involved. Those persons who want to get right to work…start browsing between chapters 3 and 8 for hands on information including screenshots and installation/configuration information. Later chapters cover more advanced information concerning the monitoring and analysis of the traffic captured using your Honeypot.
The author doesn’t leave you stranded with just setting up a Honeypot either. The chapters on Network Analysis, Honeypot Monitoring and alerting, and Honeypot data analysis give you a chance to begin to make real use of the Honeypot and the data gathered while using it. The walkthroughs for setting these analysis and monitoring tools seem easy enough and the author makes good use of available open source tools out there for those who don’t have the budget for some of the commercial applications available.
An added bonus for any networking security person is the wealth of information concerning how to harden a Windows Server, common ports used in malware and numerous configuration demonstrations make this a handy book to keep as a general security reference.
This book will make a fine addition to any IT professional’s reference collection.